Patents by Inventor Kshitij Arun Doshi

Kshitij Arun Doshi has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20240319979
    Abstract: Various systems and methods for enabling derivation and distribution of an attestation manifest for a software update image are described. In an example, these systems and methods include orchestration functions and communications, providing functionality and components for a software update process which also provides verification and attestation among multiple devices and operators.
    Type: Application
    Filed: January 23, 2024
    Publication date: September 26, 2024
    Inventors: Ned M. Smith, Kshitij Arun Doshi, John Joseph Browne, Vincent J. Zimmer, Francesc Guim Bernat, Kapil Sood
  • Patent number: 12074806
    Abstract: A resource management framework may be used to improve performance of dominant and non-dominant resources for edge multi-tenant applications. The resource management framework may include an admission control mechanism, which may be used to balance disproportionate resource allocations by controlling allocation of unconstrained resources proportional to the requested dominant resources based on resource availability. The admission control mechanism may provide ongoing monitoring of dominant and non-dominant resource utilization, such as using a hybrid centralized-distributed telemetry collection approach. The resource management framework may also include a lightweight resource monitoring and policy enforcement mechanism on distributed networking elements to reduce or eliminate the exploitations of non-dominant resources.
    Type: Grant
    Filed: April 1, 2022
    Date of Patent: August 27, 2024
    Assignee: Intel Corporation
    Inventors: S M Iftekharul Alam, Satish Chandra Jha, Ned M. Smith, Vesh Raj Sharma Banjade, Kshitij Arun Doshi, Francesc Guim Bernat, Arvind Merwaday, Kuilin Clark Chen, Christian Maciocco
  • Patent number: 12063280
    Abstract: An apparatus to facilitate provenance audit trails for microservices architectures is disclosed. The apparatus includes one or more processors to obtain provenance metadata for a microservice from a local blockchain of provenance metadata maintained for the hardware resource executing a task performed by the microservice, the provenance metadata comprising identification of the microservice, operating state of at least one of a hardware resource or a software resource used to execute the microservice and the task, and an operating state of a sidecar of the microservice during the task; access one or more policies established for the microservice; analyze the provenance metadata with respect to the one or more policies to identify if there is a violation of the one or more policies; and generate one or more evaluation metrics based on whether the violation of the one or more policies is identified.
    Type: Grant
    Filed: August 25, 2023
    Date of Patent: August 13, 2024
    Assignee: INTEL CORPORATION
    Inventors: Rajesh Poornachandran, Vincent Zimmer, Subrata Banik, Marcos Carranza, Kshitij Arun Doshi, Francesc Guim Bernat, Karthik Kumar
  • Publication number: 20240264874
    Abstract: Various systems and methods for synchronizing execution of workload tasks are described herein. A networked computing device is configured to receive a set of barrier messages from a first set of tasks executing on at least one of a plurality of compute nodes in a system, the respective set of tasks operating as a part of a distributed workload; evaluate the set of barrier messages to determine whether a barrier synchronization condition is satisfied; and initiate execution of a second set of tasks executing on at least one of the plurality of compute nodes in the system in response to determining that the barrier synchronization condition is satisfied.
    Type: Application
    Filed: March 26, 2024
    Publication date: August 8, 2024
    Inventors: Kshitij Arun Doshi, Ned M. Smith, Sunil Cheruvu
  • Patent number: 12058119
    Abstract: Systems and techniques for automatic escalation of trust credentials are described herein. Requestor data may be received that describes workloads of a requestor. A set of trust credentials may be determined by using an escalation prediction model to evaluate the requestor data. The multi-access token may be assembled from the set of trust credentials. The multi-access token may be transmitted to an information provider to fulfill a request of a requestor.
    Type: Grant
    Filed: December 18, 2020
    Date of Patent: August 6, 2024
    Assignee: Intel Corporation
    Inventors: Kshitij Arun Doshi, Francesc Guim Bernat, Kapil Sood, Tarun Viswanathan, Ned M. Smith
  • Publication number: 20240259465
    Abstract: Various systems and methods for providing intent-based workload orchestration described herein. A data center system may include a plurality of compute nodes and an orchestration node. The orchestration node may be configured to identify a workload for execution on the plurality of compute nodes; identify intents that define requirements for the execution of the workload on the plurality of compute nodes; monitor the execution of the workload to produce monitoring data; and control the execution of the workload based on the intents and the monitoring data, to dynamically adapt to changed conditions during the execution of the workload.
    Type: Application
    Filed: March 28, 2024
    Publication date: August 1, 2024
    Inventors: Igor Duarte Cardoso, Todd Malsbary, Eric W. Multanen, Malini Bhandaru, Kshitij Arun Doshi, Ned M. Smith, Sunil Cheruvu, Anahit Tarkhanyan, Mats Gustav Agerstam
  • Patent number: 12047357
    Abstract: Embodiments described herein are generally directed to a transparent and adaptable mechanism for performing secure application communications through sidecars. In an example, a set of security features is discovered by a first sidecar of a first microservice of multiple microservices of an application. The set of security features are associated with a device of multiple devices of a set of one or more host systems on which the first microservice is running. Information regarding the set of discovered security features is made available to the other microservices by the first sidecar by sharing the information with a discovery service accessible to all of the microservices. A configuration of a communication channel through which a message is to be transmitted from a second microservice to the first microservice is determined by a second sidecar of the second microservice by issuing a request to the discovery service regarding the first microservice.
    Type: Grant
    Filed: December 20, 2021
    Date of Patent: July 23, 2024
    Assignee: Intel Corporation
    Inventors: Cesar Martinez-Spessot, Marcos Carranza, Lakshmi Talluru, Mateo Guzman, Francesc Guim Bernat, Karthik Kumar, Rajesh Poornachandran, Kshitij Arun Doshi
  • Publication number: 20240241769
    Abstract: Various systems and methods for providing secure and reliable node lifecycle in elastic workloads are described here. A compute node may be configured to: receive data describing a first elastic workload of the plurality of elastic workloads, the first elastic workload to execute on a first virtual execution environment, the first virtual execution environment associated with a first security context; determine a common resource that is used by the plurality of elastic workloads; store the common resource in a memory accessible by the first virtual execution environment; and execute the first elastic workload, wherein the first elastic workload has access to the common resource, and wherein the plurality of elastic workloads is executed in isolation from one another based on respective security contexts.
    Type: Application
    Filed: March 26, 2024
    Publication date: July 18, 2024
    Inventors: Ned M. Smith, Kshitij Arun Doshi, Sunil Cheruvu
  • Publication number: 20240241944
    Abstract: Various systems and methods are described for implementing security intents for the execution of workloads in cloud-to-edge (C2E) and cloud-native execution environments. An example technique for implementing security intents for a workload on a computing node of a cluster includes: identifying a workload for execution on the computing node; identifying security intents that define levels of respective security requirements for the execution of the workload on the computing node; adapting an execution environment of the computing node, based on the identified security intents; and controlling the execution of the workload within the execution environment, based on the identified security intents, to dynamically monitor and adapt to changing security conditions during the execution of the workload.
    Type: Application
    Filed: March 28, 2024
    Publication date: July 18, 2024
    Inventors: Ned M. Smith, Kshitij Arun Doshi, Adrian Hoban, Eric W. Multanen, Malini Bhandaru, Sunil Cheruvu, Thijs Metsch, Manjunath Ranganathaiah, Anahit Tarkhanyan, Sharad Mishra, Igor Duarte Cardoso, Todd Malsbary, Bruno Vavala, Adarsh Chittilapplly, Subin John, Alpesh Ramesh Rodage
  • Publication number: 20240244088
    Abstract: Various systems and methods for providing cloud-to-edge workload orchestration described herein. A computing node is configured to receive a distributed workload configuration including security intents; decompose, based on the distributed workload configuration, a workload into a plurality of sub-workloads; identify an infrastructure resource of the plurality of compute nodes to execute a sub-workload of the plurality of sub-workloads; determine that an operating environment of the infrastructure resource satisfies the security intents; bind the sub-workload to the infrastructure resource, wherein the binding produces a token that is presented by the sub-workload to the infrastructure resource, and wherein the token is used to ensure trust among framework layers; and deploy the sub-workload to the infrastructure resource.
    Type: Application
    Filed: March 29, 2024
    Publication date: July 18, 2024
    Inventors: Malini Bhandaru, Kshitij Arun Doshi, Ned M. Smith, Sunil Cheruvu, Anahit Tarkhanyan
  • Publication number: 20240243924
    Abstract: Various systems and methods are described for implementing attestation microservices and an attestation microservice mesh for cloud-to-edge (C2E) and cloud-native deployments are disclosed.
    Type: Application
    Filed: March 29, 2024
    Publication date: July 18, 2024
    Inventors: Ned M. Smith, Kshitij Arun Doshi, Sunil Cheruvu, Anahit Tarkhanyan
  • Patent number: 12039033
    Abstract: Techniques for borrow checking in hardware are described. The technology includes a memory to store a plurality of allocated objects, an allocated object referenced by a pointer; and a processor to execute a join instruction to create a group of pointers, by creating a group record for the group referenced by a group pointer and setting a group bit and ownership identifier (ID) of pointers of the group; and execute a transfer group ownership instruction to transfer ownership of the group, including pointers of the group, by verifying validity of the group and setting the ownership ID of pointers of the group when the group is valid.
    Type: Grant
    Filed: March 16, 2022
    Date of Patent: July 16, 2024
    Assignee: Intel Corporation
    Inventor: Kshitij Arun Doshi
  • Publication number: 20240235959
    Abstract: Various systems and methods for autonomously monitoring intent-driven end-to-end (E2E) orchestration are described herein. An orchestration system is configured to: receive, at the orchestration system, an intent-based service level objective (SLO) for execution of a plurality of tasks; generate a common context that relates the SLO to the execution of the plurality of tasks; select a plurality of monitors to monitor the execution of the plurality of tasks, the plurality of monitors to log a plurality of key performance indicators; generate a domain context for the plurality of tasks; configure an analytics system with the plurality of monitors and the plurality of key performance indicators correlated by the domain contexts; deploy the plurality of monitors to collect telemetry; monitor the execution of the plurality of tasks using the telemetry from the plurality of monitors; and perform a responsive action based on the telemetry.
    Type: Application
    Filed: December 24, 2021
    Publication date: July 11, 2024
    Inventors: John Joseph Browne, Francesc Guim Bernat, Kshitij Arun Doshi, Adrian Hoban, David Cremins, Thijs Metsch, Susanne M. Balle, Christopher MacNamara, Przemyslaw Perycz, Emma Cecilia Collins, Timothy Verrall
  • Publication number: 20240232669
    Abstract: Various systems and methods for providing Monte Carlo as a service are described here. A networked computing device may be configured to receive data describing an elastic workload that is partitioned among multiple nodes, execute a Monte Carlo simulation using at least a portion of the data describing the elastic workload, to obtain a workload configuration that distributes the elastic workload over a plurality of nodes, and present the workload configuration.
    Type: Application
    Filed: March 26, 2024
    Publication date: July 11, 2024
    Inventors: Ned M. Smith, Kshitij Arun Doshi, Sunil Cheruvu
  • Publication number: 20240236017
    Abstract: A computing node includes a NIC and processing circuitry configured to select a subset of computing resources from a set of available computing resources to initiate a parameter sweep associated with a parameter sweep request received. A plurality of settings is applied to each computing resource of the subset to generate a plurality of resource mappings during the parameter sweep. Each resource mapping of the plurality of resource mappings indicates at least one computing resource of the subset and a corresponding at least one setting of the plurality of settings. Telemetry information for the subset of computing resources is retrieved, the telemetry information is generated during the parameter sweep. A resource mapping of the plurality of resource mappings is selected based on a comparison of the telemetry information with an SLO. A reconfiguration of the available computing resources is performed based on the selected resource mapping.
    Type: Application
    Filed: June 25, 2021
    Publication date: July 11, 2024
    Inventors: Francesc Guim Bernat, Kshitij Arun Doshi, Karol Weber, Marek PIOTROWSKI, Piotr Wysocki
  • Patent number: 12026074
    Abstract: Various aspects of methods, systems, and use cases for testing, integration, and deployment of failure conditions in an edge computing environment is provided through use of perturbations.
    Type: Grant
    Filed: September 22, 2020
    Date of Patent: July 2, 2024
    Assignee: Intel Corporation
    Inventors: Francesc Guim Bernat, Kshitij Arun Doshi, Ned M. Smith
  • Publication number: 20240195789
    Abstract: A computing device includes a direct memory access (DMA) engine coupled to a memory, a network interface, and processing circuitry. The processing circuitry is to perform a secure exchange with a second computing device to negotiate a shared encryption key, based on a request for data received via the network interface from the second computing device. The DMA engine is to retrieve the data from a storage location based on an encryption command. The encryption command indicates the storage location. The DMA engine is to encrypt the data based on the shared encryption key to generate encrypted data, and store the encrypted data in the memory.
    Type: Application
    Filed: February 15, 2024
    Publication date: June 13, 2024
    Inventors: Kshitij Arun Doshi, Uzair Qureshi, Lokpraveen Mosur, Patrick Fleming, Stephen Doyle, Brian Andrew Keating, Ned M. Smith
  • Patent number: 12008374
    Abstract: The technology includes allocating an object in a memory and setting an ownership identifier (ID) in the allocated object, the allocated object being associated with a first variable in a program and setting a matching ownership ID in a pointer to the allocated object. When the allocated object is accessed during execution of the program by a processor, an exception is generated when the ownership ID in the allocated object does not match the ownership ID in the pointer, and execution of the program is continued when the ownership ID in the allocated object does match the ownership ID in the pointer.
    Type: Grant
    Filed: March 16, 2022
    Date of Patent: June 11, 2024
    Assignee: INTEL CORPORATION
    Inventors: Michael LeMay, Peiming Liu, David M. Durham, Scott Constable, Kshitij Arun Doshi
  • Patent number: 11996992
    Abstract: Various systems and methods for providing opportunistic placement of compute in an edge network are described herein. A node in an edge network may be configured to access a service level agreement related to a workload, the workload to be orchestrated for a user equipment by the node; modify a machine learning model based on the service level agreement; implement the machine learning model to identify resource requirements to execute the workload in a manner to satisfy the service level agreement; initiate resource assignments from a resource provider, the resource assignments to satisfy the resource requirements; construct a resource hierarchy from the resource assignments; initiate execution of the workload using resources from the resource hierarchy; and monitor and adapt execution of the workload based on the resource hierarchy in response to the execution of the workload.
    Type: Grant
    Filed: June 28, 2022
    Date of Patent: May 28, 2024
    Assignee: Intel Corporation
    Inventors: Ned M. Smith, S M Iftekharul Alam, Satish Chandra Jha, Vesh Raj Sharma Banjade, Christian Maciocco, Kshitij Arun Doshi, Francesc Guim bernat, Nageen Himayat
  • Publication number: 20240152460
    Abstract: An example disclosed apparatus comprises a trigger monitor to detect an event satisfying a cache scrape trigger rule during execution of a workload, and a cache scraper to scrape cache data from cache in hardware during the execution of the workload.
    Type: Application
    Filed: December 19, 2023
    Publication date: May 9, 2024
    Inventors: John J. Browne, Kshitij Arun Doshi, Thijs Metsch, Francesc Guim Bernat, Adrian Hoban